<!DOCTYPE html>
<html lang="zh-cn">
<head>
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <title>Beware: Your Computer Could Be Held for Ransom - Feng&#39;s Blog - 大灰鼠的博客</title>
  <meta name="renderer" content="webkit" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>

<meta http-equiv="Cache-Control" content="no-transform" />
<meta http-equiv="Cache-Control" content="no-siteapp" />

<meta name="theme-color" content="#f8f5ec" />
<meta name="msapplication-navbutton-color" content="#f8f5ec">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-status-bar-style" content="#f8f5ec">


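<meta name="author" content="Feng" /><meta name="description" content="I've had a bad case of laziness lately, to the point that I didn't even know about a computer virus as serious as this one, the ransomware virus! (Inexcusable, but what can I do, the laziness is severe.) I only found out today when I received an e-mail from Huawei," /><meta name="keywords" content="feng, tinkering through life, computer repair, mobile phone tips, technical notes, teardowns, website building, 快乐悠悠, uu, 悠悠, blog" />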






<meta name="generator" content="Hugo 0.76.5 with theme even" />


<link rel="canonical" href="https://uu126.gitee.io/2017/362.html" />
<link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
<link rel="manifest" href="/manifest.json">
<link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5">



<link href="/sass/main.min.c7bc1becf36bcf6a9ebd25d2947e43a2eb745ddb0c9a32b43126fd7fa460c351.css" rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.1.20/dist/jquery.fancybox.min.css" integrity="sha256-7TyXnr2YU040zfSP+rEcz29ggW4j56/ujTPwjMzyqFY=" crossorigin="anonymous">


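<meta property="og:title" content="Beware: Your Computer Could Be Held for Ransom" />
<meta property="og:description" content="I've had a bad case of laziness lately, to the point that I didn't even know about a computer virus as serious as this one, the ransomware virus! (Inexcusable, but what can I do, the laziness is severe.) I only found out today when I received an e-mail from Huawei," />
<meta property="og:type" content="article" />
<meta property="og:url" content="https://uu126.gitee.io/2017/362.html" />
<meta property="article:published_time" content="2017-05-13T14:33:00+00:00" />
<meta property="article:modified_time" content="2017-05-13T14:33:00+00:00" />
<meta itemprop="name" content="Beware: Your Computer Could Be Held for Ransom">
<meta itemprop="description" content="I've had a bad case of laziness lately, to the point that I didn't even know about a computer virus as serious as this one, the ransomware virus! (Inexcusable, but what can I do, the laziness is severe.) I only found out today when I received an e-mail from Huawei,">
<meta itemprop="datePublished" content="2017-05-13T14:33:00+00:00" />
<meta itemprop="dateModified" content="2017-05-13T14:33:00+00:00" />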
<meta itemprop="wordCount" content="1252">



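<meta itemprop="keywords" content="virus,essays," />
<meta name="twitter:card" content="summary"/>
<meta name="twitter:title" content="Beware: Your Computer Could Be Held for Ransom"/>
<meta name="twitter:description" content="I've had a bad case of laziness lately, to the point that I didn't even know about a computer virus as serious as this one, the ransomware virus! (Inexcusable, but what can I do, the laziness is severe.) I only found out today when I received an e-mail from Huawei,"/>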

<!--[if lte IE 9]>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/classlist/1.1.20170427/classList.min.js"></script>
<![endif]-->

<!--[if lt IE 9]>
  <script src="https://cdn.jsdelivr.net/npm/html5shiv@3.7.3/dist/html5shiv.min.js"></script>
  <script src="https://cdn.jsdelivr.net/npm/respond.js@1.4.2/dest/respond.min.js"></script>
<![endif]-->

</head>
<body>
  <div id="mobile-navbar" class="mobile-navbar">
  <div class="mobile-header-logo">
    <a href="/" class="logo">Feng&#39;s Blog</a>
  </div>
  <div class="mobile-navbar-icon">
    <span></span>
    <span></span>
    <span></span>
  </div>
</div>
<nav id="mobile-menu" class="mobile-menu slideout-menu">
  <ul class="mobile-menu-list">
    <a href="/">
        <li class="mobile-menu-item">Home</li>
      </a><a href="/post/">
        <li class="mobile-menu-item">Archives</li>
      </a><a href="/tags/">
        <li class="mobile-menu-item">Tags</li>
      </a><a href="/links/">
        <li class="mobile-menu-item">Links</li>
      </a><a href="/ly/">
        <li class="mobile-menu-item">Ly</li>
      </a><a href="/about/">
        <li class="mobile-menu-item">About</li>
      </a>
  </ul>
</nav>
  <div class="container" id="mobile-panel">
    <header id="header" class="header">
        <div class="logo-wrapper">
  <a href="/" class="logo">Feng&#39;s Blog</a>
</div>

<nav class="site-navbar">
  <ul id="menu" class="menu">
    <li class="menu-item">
        <a class="menu-item-link" href="/">Home</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/post/">Archives</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/tags/">Tags</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/links/">Links</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/ly/">Ly</a>
      </li><li class="menu-item">
        <a class="menu-item-link" href="/about/">About</a>
      </li>
  </ul>
</nav>
    </header>

    <main id="main" class="main">
      <div class="content-wrapper">
        <div id="content" class="content">
          <article class="post">
    
    <header class="post-header">
      <h1 class="post-title">Beware: Your Computer Could Be Held for Ransom</h1>

      <div class="post-meta">
        <span class="post-time"> 2017-05-13 </span>
        <div class="post-category">
            <a href="/categories/it%E7%BB%BC%E5%90%88%E6%8A%80%E6%9C%AF/"> General IT </a>
            </div>
          <span class="more-meta"> About 1252 words </span>
          <span class="more-meta"> Estimated reading time: 3 minutes </span>
        
      </div>
    </header>

    <div class="post-toc" id="post-toc">
  <h2 class="post-toc-title">Table of Contents</h2>
  <div class="post-toc-content always-active">
    <nav id="TableOfContents">
  <ul>
    <li>
      <ul>
        <li>
          <ul>
            <li><a href="#严重警惕勒索者病毒安全预警">[Severe] Security Alert: Beware of Ransomware</a></li>
          </ul>
        </li>
      </ul>
    </li>
  </ul>
</nav>
  </div>
</div>
    <div class="post-content">
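      <p>I've had a bad case of laziness lately, to the point that I didn't even know about a computer virus as serious as this one, the ransomware virus! (Inexcusable, but what can I do, the laziness is severe.) I only found out today when I received an e-mail from Huawei; otherwise, if my own computer got held for ransom one day, I wouldn't even know what had happened. Here is the original text of the e-mail:</p>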
<blockquote>
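<h3 id="严重警惕勒索者病毒安全预警">[Severe] Security Alert: Beware of Ransomware</h3>
<h4 id="一概述">1. Overview</h4>
<p>Recently, ransomware attacks have broken out in many countries around the world, including the United Kingdom, Italy and Russia, and a large number of Chinese universities have also reported infections. The computer files of many teachers and students have been encrypted by the virus and can only be recovered by paying a ransom. According to preliminary analysis, after the virus encrypts the data or obtains the key, it deletes its own program, so antivirus software cannot find anything abnormal afterwards. After encrypting the data, it generates a file with a name like !README.HTML on the desktop and in multiple directories, telling the administrator that the data has been encrypted and how to decrypt it.</p>
<h4 id="二预警级别">2. Alert Level</h4>
<p>Level: Severe. (Note: there are four levels in total: General, Important, Severe, Urgent.)</p>
<h4 id="三影响范围">3. Scope of Impact</h4>
<p>If this trojan is implanted, all data on the host will be encrypted and cannot be repaired by the user.</p>
<h4 id="四验证方法">4. How to Verify</h4>
<p>If a host is infected with the ransomware, its services become unusable, and ransom files are generated on the desktop and in multiple directories.</p>
<h4 id="五安全建议">5. Security Recommendations</h4>
<p>At present, a ransomware infection cannot be repaired by the user. The best approach is to prevent data loss in advance; we recommend the following:</p>
<ul>
<li>Back up data off-site. Do not back up to the local machine; ransomware will cause the backup data to be encrypted as well.</li>
<li>On Windows systems, make sure the recently disclosed RDP/SMB zero-day vulnerabilities are patched. See: <a href="https://www.hwclouds.com/notice/1493030508794.html" target="_blank" rel="nofollow">https://www.hwclouds.com/notice/1493030508794.html</a></li>
<li>Check that the administrator passwords for systems, databases and applications are all sufficiently complex.</li>
<li>Do not expose ports to the Internet unless the business requires them.</li>
<li>Check that system and application components (such as Struts2, java, log4j, etc.) have been upgraded to the latest version. See the announcements on the Huawei Enterprise Cloud official site: <a href="https://www.hwclouds.com/about/notice_1.html" target="_blank" rel="nofollow">https://www.hwclouds.com/about/notice_1.html</a><br>
Note: before fixing vulnerabilities, back up your data and test thoroughly.</li>
</ul>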
</blockquote>
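<p>I asked Baidu about it and learned that this thing is extremely nasty: it has already hit as many as 99 countries worldwide (China included, of course, mostly universities). It is a formidable piece of work, and the ransom it demands is either US dollars or Bitcoin.</p>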
<p><img src="https://cdn.uu126.cn/usr/uploads/2017/05/3684303448.jpg" alt="lzs03.jpg" title="lzs03.jpg"><br>
<img  class="lazyload" data-src="https://cdn.uu126.cn/usr/uploads/2017/05/1823672828.jpg" src="https://cdn.jsdelivr.net/gh/moezx/cdn@3.0.2/img/svg/loader/trans.ajax-spinner-preloader.svg" onerror="imgError(this)"  alt="lsz02.jpg" title="lsz02.jpg" /></p>
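<p>Of course, there is no need to panic too much. As the saying goes, "however high evil climbs, good climbs higher"; doing the following is basically enough to avoid infection:</p>
<ul>
<li>Install the latest security patches on your computer. Microsoft has released patch MS17-010, which fixes the system vulnerability attacked by "EternalBlue"; please install this security patch as soon as possible. The URL is <a href="https://technet.microsoft.com/zh-cn/library/security/MS17-010" target="_blank" rel="nofollow">https://technet.microsoft.com/zh-cn/library/security/MS17-010</a>.</li>
<li>Close ports 445, 135, 137, 138 and 139, and turn off network sharing.</li>
<li>Strengthen your security awareness: do not click unknown links, do not download unknown files, and do not open unknown e-mails.</li>
<li>Back up the important files on your computer to a removable hard drive or USB drive as soon as possible (and regularly from now on), and keep that disk offline once the backup is done.</li>
<li>Users still running Windows XP or Windows 2003 are advised to upgrade as soon as possible to Windows 7/Windows 10, or to Windows 2008/2012/2016.</li>
<li>Install genuine operating systems, Office software, etc.</li>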
</ul>
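<p>To check the port advice above on your own machine, the following Python script parses Windows <code>netstat -an</code> output and lists any of ports 445, 135, 137, 138 and 139 that are open on a non-loopback address. It is an added example, not part of the original post or the quoted e-mail; the function name and the sample output are constructed for illustration.</p>

```python
import subprocess
import sys

# Ports the post says to close (RPC 135, NetBIOS 137-139, SMB 445).
RISKY_PORTS = {135, 137, 138, 139, 445}
LOOPBACK_PREFIXES = ("127.", "[::1]")

# Constructed sample of Windows `netstat -an` output, used when not on Windows.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:139          0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     192.168.1.30:445       ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
  UDP    192.168.1.20:137       *:*
  UDP    192.168.1.20:138       *:*
"""


def exposed_listeners(netstat_text):
    """Return sorted (proto, local_address, port) tuples for risky ports
    that are open on an address other machines can reach."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) not in (3, 4, 5) or fields[0] not in ("TCP", "UDP"):
            continue
        proto, local = fields[0], fields[1]
        # TCP rows count only when listening; an outbound session to a
        # remote port 445 is not an open local port.
        if proto == "TCP" and "LISTENING" not in fields:
            continue
        addr, _, port = local.rpartition(":")  # rpartition copes with [::]:445
        if not port.isdigit() or int(port) not in RISKY_PORTS:
            continue
        if addr.startswith(LOOPBACK_PREFIXES):
            continue  # bound to loopback only, not reachable from the network
        found.add((proto, addr, int(port)))
    return sorted(found)


if __name__ == "__main__":
    text = SAMPLE
    if sys.platform == "win32":
        text = subprocess.run(["netstat", "-an"], capture_output=True, text=True).stdout
    for proto, addr, port in exposed_listeners(text):
        print(f"{proto} {addr}:{port} is open: close it or block it at the firewall")
```

<p>An empty result means none of the five ports is reachable from the network; it says nothing about whether MS17-010 is installed, which still has to be checked separately.</p>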
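<p>As for Windows XP and 2003, since support has ended, Microsoft has not released a patch, so anyone who is worried should upgrade the system promptly. Reportedly, PetroChina's self-service fuel card terminals were unfortunately hit as well:<br>
<img   class="lazyload" data-src="https://cdn.uu126.cn/usr/uploads/2017/05/1223046924.jpg" src="https://cdn.jsdelivr.net/gh/moezx/cdn@3.0.2/img/svg/loader/trans.ajax-spinner-preloader.svg" onerror="imgError(this)"  alt="lsz01.jpg" title="lsz01.jpg" /><br>
So never count on luck; the necessary security protections are still a must!</p>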

    </div>

    <div class="post-copyright">
  <p class="copyright-item">
    <span class="item-title">Author</span>
    <span class="item-content">Feng</span>
  </p>
  <p class="copyright-item">
    <span class="item-title">Last updated</span>
    <span class="item-content">
        2017-05-13
        
    </span>
  </p>
  
  
</div>
<footer class="post-footer">
      <div class="post-tags">
          <a href="/tags/%E7%97%85%E6%AF%92/">Virus</a>
          <a href="/tags/%E9%9A%8F%E7%AC%94/">Essays</a>
          </div>
    </footer>
  </article>
        </div>
        

  

  

      </div>
    </main>

    <footer id="footer" class="footer">

    </footer>

  </div>
  <script src="/lib/highlight/highlight.pack.js?v=20171001"></script>
  <script src="https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js" integrity="sha256-hwg4gsxgFZhOsEEamdOYGBf13FyQuiTwlAQgxVSNgt4=" crossorigin="anonymous"></script>
  <script src="https://cdn.jsdelivr.net/npm/slideout@1.0.1/dist/slideout.min.js" integrity="sha256-t+zJ/g8/KXIJMjSVQdnibt4dlaDxc9zXr/9oNPeWqdg=" crossorigin="anonymous"></script>
  <script src="https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.1.20/dist/jquery.fancybox.min.js" integrity="sha256-XVLffZaxoWfGUEbdzuLi7pwaUJv1cecsQJQqGLe7axY=" crossorigin="anonymous"></script>



<script type="text/javascript" src="/js/main.min.c12618f9a600c40bd024996677e951e64d3487006775aeb22e200c990006c5c7.js"></script>








</body>
</html>
